DETAILED ACTION

1. This office action is in response to applicants' response filed on 10/06/2006.

2. Claims 1, 2, 5-32, 35-41 and 44-48 are pending.

3. Claims 2, 3, 33, 34, 42 and 43 are cancelled. 

4. Claims 1, 31 and 40 are amended.

5. Applicant's arguments have been fully considered but they are not persuasive. 

6. With respect to applicant's statement on page 14, 3rd paragraph of remarks,
examiner on 12/20/06 made a telephone call and notified applicant's representative that
examiner has no record or recollection of calling applicant's representative during April
2006.

7. When responding to the Office action, Applicant is advised to clearly point out the 
patentable novelty the claims present in view of the state of the art disclosed by the 
reference(s) cited or the objection made. A showing of how the amendments avoid such 
references or objections must also be present. See 37 C.F.R. 1.111(c). 

Response to Arguments 

1. Applicants on page 18, 4th paragraph of the remarks, argue that "Zhang fails to
disclose or suggest establishing the secure tunnel begins before authenticating the user 
and wherein during a time between a beginning of establishing the secure tunnel with 
the one of the network entities and a beginning of authenticating the user equipment 
with another of the network entities, the at least one network communicates with the 
user equipment to confirm that the request from the user equipment to establish a
secure tunnel is not part of a denial of service attack." 

The examiner respectfully disagrees and asserts that Zhang discloses that while 
the process of authentication of a user equipment is performed the communications 
among the user equipment, the access point server and the authentication server are 
encrypted (see Fig. 2 and [0073]-[0082]). Zhang teaches that the user initiates a login 
session with his ISP (see [0075]). The access point server communicates an access 
request including the user ID to the authentication server (see [0076]). From this point 
onward until the user is authenticated all the transmitted messages (Fig.2, messages 
220, 230... 270) from the authentication server to the access point server and from the 
access point server to the user equipment and vice versa are encrypted (see [0077]- 
[0082]). The communication of encrypted messages between two points corresponds to 
the recited establishing secure tunnel. Therefore, the authentication of the user 
equipment partly coincides (i.e., occurs partially simultaneously) with the establishment 
of a secure channel. Moreover, Zhang discloses that the preferred embodiment of his 
invention provides a mechanism to prevent a denial of service attack by a hacker during 
the authentication of a user after establishing a secure channel. This is done by APs 
making intelligent decision while relaying user authentication certificate (corresponding 
to the recited a request for an identification of the user equipment). Zhang also 
discloses that IPSEC is used for the communication between the user and AP to ensure 
data integrity (corresponding to the recited a request for capability of the user 
equipment to support at least one data protocol) (see, for example, [0065]-[0067]). 



Application/Control Number: 10/714,638 Page 4 

Art Unit: 2132 

2. The examiner, however, in light of the above submission maintains the previous 
rejections while considering the amendments to the claims 1, 31 and 40 as follows:

Claim Objections 

Claims 5, 35 and 44 are objected to because of the following informalities: 
These claims are dependent upon cancelled claims. Appropriate correction is required.

However, examiner will consider these claims as allowable subject matter if 
rewritten in independent form to include all of the limitations of the claims 1, 31 and 40, 
respectively, and to overcome this objection and the rejection under 112, second 
paragraph as stated below. 

Claim Rejections - 35 USC §112 
The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention.

Claims 5, 35 and 44 recite the limitation "communication during the time..." in
line 2. There is insufficient antecedent basis for this limitation in the claim.

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1, 2, 6-32, 36-41 and 45-48 are rejected under 35 U.S.C. 103(a) as
being unpatentable over Zhang et al. (2002/0174335 A1; hereinafter Zhang) in view
of Palekar et al. (US 20030226017 A1; hereinafter Palekar).

Regarding claims 1, 2, 6-8, 31, 32, 36, 39-41 and 48, Zhang discloses a method
for providing authentication, authorization and accounting (AAA) transactions in a 
wireless network (see, for example, abstract and [0028]). Zhang discloses that a mobile 
terminal (MT) receives services from an Internet service provider (ISP) having an 
authentication server through an access point (AP) (corresponding to the recited access 
network) with a server (see, for example, Fig. 1 and [0073]). Zhang also discloses that a
secure channel (i.e., secure tunnel) is established between the MT and the AP (see, for 
example, [0025], [0026], [0043] and [0045]). Zhang further discloses that in one 
embodiment IPSEC is used for per-packet encryption between a MT and an AP (see, 
for example, [0029], [0067] and [0068]). In this embodiment every packet is encrypted 
and authenticated. As Fig. 2 and the procedure explained at [0073] through [0082] 
demonstrate, all transmitted messages are encrypted (corresponding to the recited
establishing of the secure tunnel) while (corresponding to the recited at least partially 
simultaneous) authentication of a MT is being performed. This means that 
authentication process starts right after a secure channel is established. Zhang 
discloses that the preferred embodiment of his invention provides a mechanism to 
prevent a denial of service attack by a hacker during the authentication of a user after 
establishing a secure channel. This is done by APs making intelligent decision while 
relaying user authentication certificate (corresponding to the recited a request for an
identification of the user equipment). Zhang also discloses that IPSEC is used for the 
communication between the user and AP to ensure data integrity (corresponding to the 
recited a request for capability of the user equipment to support at least one data 
protocol) (see, for example, [0065]-[0067]).

However, Zhang does not expressly disclose that establishing a secure tunnel is 
determined based on a protocol or an authentication method. 

Palekar discloses an efficient method for establishing a secure communication 
between two endpoints such as a wireless client and a network entity which consist of 
two phases of establishing a secure tunnel and authenticating the wireless client (see, 
for example, [0008]-[0010]; [0042]; [0053]). Palekar further discloses that for the
purpose of establishing the secure tunnel between the two endpoints either the 
authentication method is negotiated (see, for example, [0063]; [0069]) or the protocol 
used for communication (see, for example, [0070]; [0071]; [0109]).

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to implement a scheme of selecting a protocol or a method of 
authentication prior to establishing a secure tunnel as taught in Palekar in the method of 
Zhang, because it would provide for protection of the communication from a rogue
interceptor (Palekar, [0007]; [0008]; [0051]). 

Regarding claims 9, 10 and 45, Zhang discloses that both the AP and the service
provider (i.e., an ISP) each include a server in their networks (see, for example, [0055] 
and [0073]). 

Regarding claims 11-20, 37 and 46, Zhang discloses that the messages
transmitted between a mobile user and an AP network are encrypted (corresponding to 
the recited the secure tunnel is established) and the communication is performed 
between the mobile user equipment and a server that is included in the AP network 
(see, for example, [0045], [0073] and Fig. 2, NASP). 

Regarding claims 21-23, 26, 27, 38 and 47, Zhang discloses that a mobile user 
connection with an AP network is a wireless connection (see, for example, [0055]). 

Regarding claims 24 and 25, these claims are rejected as applied to the like 
elements of claims 4 and 5 as stated above. 

Regarding claims 28-30, Zhang discloses that a roaming user accesses an ISP 
or a home network through a local network (i.e., an access or visited network) (see, for
example, [0047], [0051] and [0060]). 

Conclusion

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time
policy as set forth in 37 CFR 1.136(a).

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Abdulhakim Nobahar whose telephone number is
571-272-3808. The examiner can normally be reached on M-T 8-6.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should
you have questions on access to the Private PAIR system, contact the Electronic
Business Center (EBC) at 866-217-9197 (toll-free). 



Abdulhakim Nobahar 
Examiner
Art Unit 2132